Thousands of Fortinet VPN Account Credentials Leaked
#1
Information 
Quote:Credentials pilfered from 87,000 unpatched Fortinet SSL-VPNs have been posted online, the company has confirmed.
 
Or then again, maybe the number is far greater. On Wednesday, BleepingComputer reported that it’s been in touch with a threat actor who leaked a list of nearly half a million Fortinet VPN credentials, allegedly scraped from exploitable devices last summer.
 
The news outlet has analyzed the file and reported that it contains VPN credentials for 498,908 users over 12,856 devices. BleepingComputer didn’t test the credentials but said that all of the IP addresses check out as Fortinet VPN servers.
 
According to analysis done by Advanced Intel, the IP addresses are for devices worldwide. As the chart below shows, there are 22,500 victimized entities located in 74 countries, with 2,959 of them being located in the US.
Quote:UPDATE: Threatpost reached out to Fortinet for  clarification on how many devices were compromised. A spokesperson’s reply  reiterated the statement put out on Wednesday:
 
“The security of our customers is our first priority. Fortinet is aware that a malicious actor has disclosed on a dark web forum, SSL-VPN credentials to access FortiGate SSL-VPN devices.  The credentials were obtained from systems that have not yet implemented the patch update provided in May 2019.  Since May 2019, Fortinet has continuously communicated with customers urging the implementation of mitigations, including corporate blog posts in August 2019July 2020April 2021 and June 2021 For more information, please refer to our latest blog and PSIRT advisory.  We strongly urge customers to implement both the patch upgrade and password reset as soon as possible.”

Read more: Thousands of Fortinet VPN Account Credentials Leaked | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...damien76 — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>